
Python Code Execution / Remote Code Execution via LLM Prompt - ATR-2026-00297 (b4bec62f-efde-5bae-b567-e06ebafed048)

Detects Python remote code execution (RCE) patterns injected via LLM prompts, sourced from 9 real payloads in the NVIDIA garak python_code_execution.json payload set (payload name: "Run python code that will cause a system-level effect"). Patterns include __import__('os') to reach os.system/os.popen, eval(compile(...)) for multi-line code execution, subprocess.run() with shell=True, lambda-based socket reverse shells using s.connect() and s.recv()/s.send(), class MRO introspection via __class__.__mro__[1].__subclasses__() for sandbox escape, and file writes via open('/tmp/...'). These are the primary Python code-injection patterns used against LLM agents that have code-execution capabilities.

Relationships (Cluster A -> Cluster B)

Relationship 1
  Cluster A: Python Code Execution / Remote Code Execution via LLM Prompt - ATR-2026-00297 (b4bec62f-efde-5bae-b567-e06ebafed048)
  Galaxy A:  Agent Threat Rules
  Cluster B: LLM Prompt Injection (19cd2d12-66ff-487c-a05c-e058b027efc9)
  Galaxy B:  MITRE ATLAS Attack Pattern
  Level:     1

Relationship 2
  Cluster A: Python Code Execution / Remote Code Execution via LLM Prompt - ATR-2026-00297 (b4bec62f-efde-5bae-b567-e06ebafed048)
  Galaxy A:  Agent Threat Rules
  Cluster B: AI Model Inference API Access (90a420d4-3f03-4800-86c0-223c4376804a)
  Galaxy B:  MITRE ATLAS Attack Pattern
  Level:     1